LDAP

This page is out of date and needs rewriting.
The content is likely to be incomplete or incorrect.

I found this guide to be very useful as it lists answers to the debconf questions. The only difference between the recommended configuration and tardis' is that "Local crypt to use when changing passwords." should be 'exop'.

Note the use_first_pass option. Without it logins will ask for a password for pam_unix, then one for pam_ldap, and so on, causing every other attempt to enter your password to fail even when you get it right. You need to set up /etc/pam.d/common-account in the same way.